Software maker Check Point has detected and reported that a new malware, dubbed HummingBad, discovered in February, may have infected at least 10 million Android devices around the world.

Check Point has released an analysis of the threat, which indicates that there was a sharp spike in infections in mid-May.

HummingBad was first developed to be a “drive-by download attack” that infected mobile phones when people visited particular websites. This allowed attackers to gain full access to the phone and the phone could then be used to generate false advertising revenue through forcing the downloading of apps and clicking of ads on the phone.

The thieves can also sell access to the phones and give away information that is held on them after the device is infected.

The group behind the malware? Yingmob—an advertising analytics agency based in Beijing. Google says it is aware of the malware and its growing threat and is actively blocking users’ installations of the infected apps. Nonetheless, up to 10 million Android devices have been infected, including approximately 288,000 devices in the U.S.

If you are an Android user, install the security updates provided by Google and be aware of and careful about the apps you install.